Vulnerability-Lookup

WID-SEC-W-2025-1785

Vulnerability from csaf_certbund - Published: 2025-08-12 22:00 - Updated: 2025-10-29 23:00

Summary

Intel Prozessoren: Mehrere Schwachstellen

Severity

Mittel

Notes

Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.

Produktbeschreibung: Der Prozessor ist das zentrale Rechenwerk eines Computers.

Angriff: Ein lokaler Angreifer kann mehrere Schwachstellen in Intel Prozessor ausnutzen, um seine Privilegien zu erhöhen, vertrauliche Informationen offenzulegen und einen Denial-of-Service-Zustand herbeizuführen.

Betroffene Betriebssysteme: - Hardware Appliance - Sonstiges

CVE-2025-20044

Affected products

Known affected 20 products

Product	Identifier	Version
HP Computer HP / Computer	`cpe:/h:hp:computer:-`	—
Dell PowerEdge Dell / PowerEdge	`cpe:/h:dell:poweredge:-`	—
Dell PowerScale OneFS Dell / PowerScale	`cpe:/a:dell:powerscale_onefs:onefs`	OneFS
Intel Prozessor Xeon 4,5,6 <1.5.16 Intel / Prozessor		Xeon 4,5,6 <1.5.16
Intel Prozessor 5th, 4th Gen Xeon Scalable Processors Intel / Prozessor	`cpe:/h:intel:intel_prozessor:5th_4th_gen_xeon_scalable_processors`	5th, 4th Gen Xeon Scalable Processors
Intel Prozessor Xeon 6 P-cores <2.0.8 Intel / Prozessor		Xeon 6 P-cores <2.0.8
Dell Computer Dell	`cpe:/o:dell:dell_computer:-`	—
Intel Prozessor Xeon 6 TDX Module <2.0.08 Intel / Prozessor		Xeon 6 TDX Module <2.0.08
Intel Prozessor Xeon 6 E-cores TDX Module <1.5.13 Intel / Prozessor		Xeon 6 E-cores TDX Module <1.5.13
Dell PowerEdge Dell / PowerEdge	`cpe:/h:dell:poweredge:-`	—
Debian Linux Debian	`cpe:/o:debian:debian_linux:-`	—
SUSE Linux SUSE	`cpe:/o:suse:suse_linux:-`	—
HPE ProLiant HPE / ProLiant	`cpe:/h:hp:proliant:-`	—
Intel Prozessor 5th Gen Xeon TDX Module <1.5.13 Intel / Prozessor		5th Gen Xeon TDX Module <1.5.13
Intel Prozessor 4th Gen Xeon TDX Module <1.5.13 Intel / Prozessor		4th Gen Xeon TDX Module <1.5.13
SUSE openSUSE SUSE	`cpe:/o:suse:opensuse:-`	—
HP Computer HP / Computer	`cpe:/h:hp:computer:-`	—
HPE ProLiant HPE / ProLiant	`cpe:/h:hp:proliant:-`	—
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
Lenovo Computer Lenovo	`cpe:/h:lenovo:computer:-`	—

CVE-2025-20053

Affected products

Known affected 17 products

Product	Identifier	Version
HP Computer HP / Computer	`cpe:/h:hp:computer:-`	—
Dell PowerEdge Dell / PowerEdge	`cpe:/h:dell:poweredge:-`	—
Dell PowerScale OneFS Dell / PowerScale	`cpe:/a:dell:powerscale_onefs:onefs`	OneFS
Intel Prozessor 5th, 4th Gen Xeon Scalable Processors Intel / Prozessor	`cpe:/h:intel:intel_prozessor:5th_4th_gen_xeon_scalable_processors`	5th, 4th Gen Xeon Scalable Processors
Dell Computer Dell	`cpe:/o:dell:dell_computer:-`	—
Dell PowerEdge Dell / PowerEdge	`cpe:/h:dell:poweredge:-`	—
Debian Linux Debian	`cpe:/o:debian:debian_linux:-`	—
SUSE Linux SUSE	`cpe:/o:suse:suse_linux:-`	—
HPE ProLiant HPE / ProLiant	`cpe:/h:hp:proliant:-`	—
SUSE openSUSE SUSE	`cpe:/o:suse:opensuse:-`	—
HP Computer HP / Computer	`cpe:/h:hp:computer:-`	—
HPE ProLiant HPE / ProLiant	`cpe:/h:hp:proliant:-`	—
Intel Prozessor Xeon 6 family Intel / Prozessor	`cpe:/h:intel:intel_prozessor:xeon_6_family`	Xeon 6 family
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
Lenovo Computer Lenovo	`cpe:/h:lenovo:computer:-`	—
Intel Prozessor Xeon W2400 and W3400 Intel / Prozessor	`cpe:/h:intel:intel_prozessor:xeon_w2400_and_w3400`	Xeon W2400 and W3400
Intel Prozessor Xeon 6 with E-cores Intel / Prozessor	`cpe:/h:intel:intel_prozessor:xeon_6_with_e-cores`	Xeon 6 with E-cores

CVE-2025-21090

Affected products

Known affected 17 products

Product	Identifier	Version
HP Computer HP / Computer	`cpe:/h:hp:computer:-`	—
Dell PowerEdge Dell / PowerEdge	`cpe:/h:dell:poweredge:-`	—
Dell PowerScale OneFS Dell / PowerScale	`cpe:/a:dell:powerscale_onefs:onefs`	OneFS
Intel Prozessor 5th, 4th Gen Xeon Scalable Processors Intel / Prozessor	`cpe:/h:intel:intel_prozessor:5th_4th_gen_xeon_scalable_processors`	5th, 4th Gen Xeon Scalable Processors
Dell Computer Dell	`cpe:/o:dell:dell_computer:-`	—
Dell PowerEdge Dell / PowerEdge	`cpe:/h:dell:poweredge:-`	—
Debian Linux Debian	`cpe:/o:debian:debian_linux:-`	—
SUSE Linux SUSE	`cpe:/o:suse:suse_linux:-`	—
HPE ProLiant HPE / ProLiant	`cpe:/h:hp:proliant:-`	—
SUSE openSUSE SUSE	`cpe:/o:suse:opensuse:-`	—
HP Computer HP / Computer	`cpe:/h:hp:computer:-`	—
HPE ProLiant HPE / ProLiant	`cpe:/h:hp:proliant:-`	—
Intel Prozessor Xeon 6 family Intel / Prozessor	`cpe:/h:intel:intel_prozessor:xeon_6_family`	Xeon 6 family
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
Lenovo Computer Lenovo	`cpe:/h:lenovo:computer:-`	—
Intel Prozessor Xeon W2400 and W3400 Intel / Prozessor	`cpe:/h:intel:intel_prozessor:xeon_w2400_and_w3400`	Xeon W2400 and W3400
Intel Prozessor Xeon 6 with E-cores Intel / Prozessor	`cpe:/h:intel:intel_prozessor:xeon_6_with_e-cores`	Xeon 6 with E-cores

CVE-2025-24305

Affected products

Known affected 17 products

Product	Identifier	Version
HP Computer HP / Computer	`cpe:/h:hp:computer:-`	—
Dell PowerEdge Dell / PowerEdge	`cpe:/h:dell:poweredge:-`	—
Dell PowerScale OneFS Dell / PowerScale	`cpe:/a:dell:powerscale_onefs:onefs`	OneFS
Intel Prozessor 5th, 4th Gen Xeon Scalable Processors Intel / Prozessor	`cpe:/h:intel:intel_prozessor:5th_4th_gen_xeon_scalable_processors`	5th, 4th Gen Xeon Scalable Processors
Dell Computer Dell	`cpe:/o:dell:dell_computer:-`	—
Dell PowerEdge Dell / PowerEdge	`cpe:/h:dell:poweredge:-`	—
Debian Linux Debian	`cpe:/o:debian:debian_linux:-`	—
SUSE Linux SUSE	`cpe:/o:suse:suse_linux:-`	—
HPE ProLiant HPE / ProLiant	`cpe:/h:hp:proliant:-`	—
SUSE openSUSE SUSE	`cpe:/o:suse:opensuse:-`	—
HP Computer HP / Computer	`cpe:/h:hp:computer:-`	—
HPE ProLiant HPE / ProLiant	`cpe:/h:hp:proliant:-`	—
Intel Prozessor Xeon 6 family Intel / Prozessor	`cpe:/h:intel:intel_prozessor:xeon_6_family`	Xeon 6 family
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
Lenovo Computer Lenovo	`cpe:/h:lenovo:computer:-`	—
Intel Prozessor Xeon W2400 and W3400 Intel / Prozessor	`cpe:/h:intel:intel_prozessor:xeon_w2400_and_w3400`	Xeon W2400 and W3400
Intel Prozessor Xeon 6 with E-cores Intel / Prozessor	`cpe:/h:intel:intel_prozessor:xeon_6_with_e-cores`	Xeon 6 with E-cores

CVE-2025-20109

Affected products

Known affected 17 products

Product	Identifier	Version
HP Computer HP / Computer	`cpe:/h:hp:computer:-`	—
Dell PowerEdge Dell / PowerEdge	`cpe:/h:dell:poweredge:-`	—
Dell PowerScale OneFS Dell / PowerScale	`cpe:/a:dell:powerscale_onefs:onefs`	OneFS
Intel Prozessor Xeon 4,5,6 <1.5.16 Intel / Prozessor		Xeon 4,5,6 <1.5.16
Intel Prozessor 5th, 4th Gen Xeon Scalable Processors Intel / Prozessor	`cpe:/h:intel:intel_prozessor:5th_4th_gen_xeon_scalable_processors`	5th, 4th Gen Xeon Scalable Processors
Intel Prozessor Xeon 6 P-cores <2.0.8 Intel / Prozessor		Xeon 6 P-cores <2.0.8
Dell Computer Dell	`cpe:/o:dell:dell_computer:-`	—
Intel Prozessor <IPU 2025.2 Update Intel / Prozessor		<IPU 2025.2 Update
Dell PowerEdge Dell / PowerEdge	`cpe:/h:dell:poweredge:-`	—
Debian Linux Debian	`cpe:/o:debian:debian_linux:-`	—
SUSE Linux SUSE	`cpe:/o:suse:suse_linux:-`	—
HPE ProLiant HPE / ProLiant	`cpe:/h:hp:proliant:-`	—
SUSE openSUSE SUSE	`cpe:/o:suse:opensuse:-`	—
HP Computer HP / Computer	`cpe:/h:hp:computer:-`	—
HPE ProLiant HPE / ProLiant	`cpe:/h:hp:proliant:-`	—
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
Lenovo Computer Lenovo	`cpe:/h:lenovo:computer:-`	—

CVE-2025-20613

Affected products

Known affected 16 products

Product	Identifier	Version
HP Computer HP / Computer	`cpe:/h:hp:computer:-`	—
Dell PowerEdge Dell / PowerEdge	`cpe:/h:dell:poweredge:-`	—
Dell PowerScale OneFS Dell / PowerScale	`cpe:/a:dell:powerscale_onefs:onefs`	OneFS
Intel Prozessor Xeon 4,5,6 <1.5.16 Intel / Prozessor		Xeon 4,5,6 <1.5.16
Intel Prozessor 5th, 4th Gen Xeon Scalable Processors Intel / Prozessor	`cpe:/h:intel:intel_prozessor:5th_4th_gen_xeon_scalable_processors`	5th, 4th Gen Xeon Scalable Processors
Intel Prozessor Xeon 6 P-cores <2.0.8 Intel / Prozessor		Xeon 6 P-cores <2.0.8
Dell Computer Dell	`cpe:/o:dell:dell_computer:-`	—
Dell PowerEdge Dell / PowerEdge	`cpe:/h:dell:poweredge:-`	—
Debian Linux Debian	`cpe:/o:debian:debian_linux:-`	—
SUSE Linux SUSE	`cpe:/o:suse:suse_linux:-`	—
HPE ProLiant HPE / ProLiant	`cpe:/h:hp:proliant:-`	—
SUSE openSUSE SUSE	`cpe:/o:suse:opensuse:-`	—
HP Computer HP / Computer	`cpe:/h:hp:computer:-`	—
HPE ProLiant HPE / ProLiant	`cpe:/h:hp:proliant:-`	—
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
Lenovo Computer Lenovo	`cpe:/h:lenovo:computer:-`	—

CVE-2025-21096

Affected products

Known affected 16 products

Product	Identifier	Version
HP Computer HP / Computer	`cpe:/h:hp:computer:-`	—
Dell PowerEdge Dell / PowerEdge	`cpe:/h:dell:poweredge:-`	—
Dell PowerScale OneFS Dell / PowerScale	`cpe:/a:dell:powerscale_onefs:onefs`	OneFS
Intel Prozessor Xeon 4,5,6 <1.5.16 Intel / Prozessor		Xeon 4,5,6 <1.5.16
Intel Prozessor 5th, 4th Gen Xeon Scalable Processors Intel / Prozessor	`cpe:/h:intel:intel_prozessor:5th_4th_gen_xeon_scalable_processors`	5th, 4th Gen Xeon Scalable Processors
Intel Prozessor Xeon 6 P-cores <2.0.8 Intel / Prozessor		Xeon 6 P-cores <2.0.8
Dell Computer Dell	`cpe:/o:dell:dell_computer:-`	—
Dell PowerEdge Dell / PowerEdge	`cpe:/h:dell:poweredge:-`	—
Debian Linux Debian	`cpe:/o:debian:debian_linux:-`	—
SUSE Linux SUSE	`cpe:/o:suse:suse_linux:-`	—
HPE ProLiant HPE / ProLiant	`cpe:/h:hp:proliant:-`	—
SUSE openSUSE SUSE	`cpe:/o:suse:opensuse:-`	—
HP Computer HP / Computer	`cpe:/h:hp:computer:-`	—
HPE ProLiant HPE / ProLiant	`cpe:/h:hp:proliant:-`	—
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
Lenovo Computer Lenovo	`cpe:/h:lenovo:computer:-`	—

CVE-2025-22853

Affected products

Known affected 16 products

Product	Identifier	Version
HP Computer HP / Computer	`cpe:/h:hp:computer:-`	—
Dell PowerEdge Dell / PowerEdge	`cpe:/h:dell:poweredge:-`	—
Dell PowerScale OneFS Dell / PowerScale	`cpe:/a:dell:powerscale_onefs:onefs`	OneFS
Intel Prozessor Xeon 4,5,6 <1.5.16 Intel / Prozessor		Xeon 4,5,6 <1.5.16
Intel Prozessor 5th, 4th Gen Xeon Scalable Processors Intel / Prozessor	`cpe:/h:intel:intel_prozessor:5th_4th_gen_xeon_scalable_processors`	5th, 4th Gen Xeon Scalable Processors
Intel Prozessor Xeon 6 P-cores <2.0.8 Intel / Prozessor		Xeon 6 P-cores <2.0.8
Dell Computer Dell	`cpe:/o:dell:dell_computer:-`	—
Dell PowerEdge Dell / PowerEdge	`cpe:/h:dell:poweredge:-`	—
Debian Linux Debian	`cpe:/o:debian:debian_linux:-`	—
SUSE Linux SUSE	`cpe:/o:suse:suse_linux:-`	—
HPE ProLiant HPE / ProLiant	`cpe:/h:hp:proliant:-`	—
SUSE openSUSE SUSE	`cpe:/o:suse:opensuse:-`	—
HP Computer HP / Computer	`cpe:/h:hp:computer:-`	—
HPE ProLiant HPE / ProLiant	`cpe:/h:hp:proliant:-`	—
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
Lenovo Computer Lenovo	`cpe:/h:lenovo:computer:-`	—

CVE-2025-22840

Affected products

Known affected 17 products

Product	Identifier	Version
HP Computer HP / Computer	`cpe:/h:hp:computer:-`	—
Dell PowerEdge Dell / PowerEdge	`cpe:/h:dell:poweredge:-`	—
Dell PowerScale OneFS Dell / PowerScale	`cpe:/a:dell:powerscale_onefs:onefs`	OneFS
Intel Prozessor Xeon 4,5,6 <1.5.16 Intel / Prozessor		Xeon 4,5,6 <1.5.16
Intel Prozessor 5th, 4th Gen Xeon Scalable Processors Intel / Prozessor	`cpe:/h:intel:intel_prozessor:5th_4th_gen_xeon_scalable_processors`	5th, 4th Gen Xeon Scalable Processors
Intel Prozessor Xeon 6 P-cores <2.0.8 Intel / Prozessor		Xeon 6 P-cores <2.0.8
Dell Computer Dell	`cpe:/o:dell:dell_computer:-`	—
Dell PowerEdge Dell / PowerEdge	`cpe:/h:dell:poweredge:-`	—
Intel Prozessor Xeon 6 Scalable <010003A1 MR1 Intel / Prozessor		Xeon 6 Scalable <010003A1 MR1
Debian Linux Debian	`cpe:/o:debian:debian_linux:-`	—
SUSE Linux SUSE	`cpe:/o:suse:suse_linux:-`	—
HPE ProLiant HPE / ProLiant	`cpe:/h:hp:proliant:-`	—
SUSE openSUSE SUSE	`cpe:/o:suse:opensuse:-`	—
HP Computer HP / Computer	`cpe:/h:hp:computer:-`	—
HPE ProLiant HPE / ProLiant	`cpe:/h:hp:proliant:-`	—
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
Lenovo Computer Lenovo	`cpe:/h:lenovo:computer:-`	—

CVE-2025-22889

Affected products

Known affected 17 products

Product	Identifier	Version
HP Computer HP / Computer	`cpe:/h:hp:computer:-`	—
Dell PowerEdge Dell / PowerEdge	`cpe:/h:dell:poweredge:-`	—
Dell PowerScale OneFS Dell / PowerScale	`cpe:/a:dell:powerscale_onefs:onefs`	OneFS
Intel Prozessor Xeon 4,5,6 <1.5.16 Intel / Prozessor		Xeon 4,5,6 <1.5.16
Intel Prozessor 5th, 4th Gen Xeon Scalable Processors Intel / Prozessor	`cpe:/h:intel:intel_prozessor:5th_4th_gen_xeon_scalable_processors`	5th, 4th Gen Xeon Scalable Processors
Intel Prozessor Xeon 6 P-cores <2.0.8 Intel / Prozessor		Xeon 6 P-cores <2.0.8
Dell Computer Dell	`cpe:/o:dell:dell_computer:-`	—
Intel Prozessor Xeon 6 P-cores <010003A1 MR1 Intel / Prozessor		Xeon 6 P-cores <010003A1 MR1
Dell PowerEdge Dell / PowerEdge	`cpe:/h:dell:poweredge:-`	—
Debian Linux Debian	`cpe:/o:debian:debian_linux:-`	—
SUSE Linux SUSE	`cpe:/o:suse:suse_linux:-`	—
HPE ProLiant HPE / ProLiant	`cpe:/h:hp:proliant:-`	—
SUSE openSUSE SUSE	`cpe:/o:suse:opensuse:-`	—
HP Computer HP / Computer	`cpe:/h:hp:computer:-`	—
HPE ProLiant HPE / ProLiant	`cpe:/h:hp:proliant:-`	—
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
Lenovo Computer Lenovo	`cpe:/h:lenovo:computer:-`	—

CVE-2025-26403

Affected products

Known affected 16 products

Product	Identifier	Version
HP Computer HP / Computer	`cpe:/h:hp:computer:-`	—
Dell PowerEdge Dell / PowerEdge	`cpe:/h:dell:poweredge:-`	—
Dell PowerScale OneFS Dell / PowerScale	`cpe:/a:dell:powerscale_onefs:onefs`	OneFS
Intel Prozessor 5th, 4th Gen Xeon Scalable Processors Intel / Prozessor	`cpe:/h:intel:intel_prozessor:5th_4th_gen_xeon_scalable_processors`	5th, 4th Gen Xeon Scalable Processors
Dell Computer Dell	`cpe:/o:dell:dell_computer:-`	—
Dell PowerEdge Dell / PowerEdge	`cpe:/h:dell:poweredge:-`	—
Debian Linux Debian	`cpe:/o:debian:debian_linux:-`	—
SUSE Linux SUSE	`cpe:/o:suse:suse_linux:-`	—
HPE ProLiant HPE / ProLiant	`cpe:/h:hp:proliant:-`	—
SUSE openSUSE SUSE	`cpe:/o:suse:opensuse:-`	—
HP Computer HP / Computer	`cpe:/h:hp:computer:-`	—
HPE ProLiant HPE / ProLiant	`cpe:/h:hp:proliant:-`	—
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
Lenovo Computer Lenovo	`cpe:/h:lenovo:computer:-`	—
Intel Prozessor Xeon 6 with P-cores Intel / Prozessor	`cpe:/h:intel:intel_prozessor:xeon_6_with_p-cores`	Xeon 6 with P-cores
Intel Prozessor Xeon 6 with E-cores Intel / Prozessor	`cpe:/h:intel:intel_prozessor:xeon_6_with_e-cores`	Xeon 6 with E-cores

CVE-2025-32086

Affected products

Known affected 16 products

Product	Identifier	Version
HP Computer HP / Computer	`cpe:/h:hp:computer:-`	—
Dell PowerEdge Dell / PowerEdge	`cpe:/h:dell:poweredge:-`	—
Dell PowerScale OneFS Dell / PowerScale	`cpe:/a:dell:powerscale_onefs:onefs`	OneFS
Intel Prozessor 5th, 4th Gen Xeon Scalable Processors Intel / Prozessor	`cpe:/h:intel:intel_prozessor:5th_4th_gen_xeon_scalable_processors`	5th, 4th Gen Xeon Scalable Processors
Dell Computer Dell	`cpe:/o:dell:dell_computer:-`	—
Dell PowerEdge Dell / PowerEdge	`cpe:/h:dell:poweredge:-`	—
Debian Linux Debian	`cpe:/o:debian:debian_linux:-`	—
SUSE Linux SUSE	`cpe:/o:suse:suse_linux:-`	—
HPE ProLiant HPE / ProLiant	`cpe:/h:hp:proliant:-`	—
SUSE openSUSE SUSE	`cpe:/o:suse:opensuse:-`	—
HP Computer HP / Computer	`cpe:/h:hp:computer:-`	—
HPE ProLiant HPE / ProLiant	`cpe:/h:hp:proliant:-`	—
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
Lenovo Computer Lenovo	`cpe:/h:lenovo:computer:-`	—
Intel Prozessor Xeon 6 with P-cores Intel / Prozessor	`cpe:/h:intel:intel_prozessor:xeon_6_with_p-cores`	Xeon 6 with P-cores
Intel Prozessor Xeon 6 with E-cores Intel / Prozessor	`cpe:/h:intel:intel_prozessor:xeon_6_with_e-cores`	Xeon 6 with E-cores

CVE-2025-22839

Affected products

Known affected 27 products

Product	Identifier	Version
HP Computer HP / Computer	`cpe:/h:hp:computer:-`	—
Dell PowerEdge Dell / PowerEdge	`cpe:/h:dell:poweredge:-`	—
Intel Prozessor Xeon 4,5,6 <1.5.16 Intel / Prozessor		Xeon 4,5,6 <1.5.16
Intel Prozessor Xeon 6 P-cores <2.0.8 Intel / Prozessor		Xeon 6 P-cores <2.0.8
Dell Computer Dell	`cpe:/o:dell:dell_computer:-`	—
Dell PowerEdge Dell / PowerEdge	`cpe:/h:dell:poweredge:-`	—
Intel Prozessor 5th Gen Xeon TDX Module <1.5.13 Intel / Prozessor		5th Gen Xeon TDX Module <1.5.13
Intel Prozessor 4th Gen Xeon TDX Module <1.5.13 Intel / Prozessor		4th Gen Xeon TDX Module <1.5.13
HPE ProLiant HPE / ProLiant	`cpe:/h:hp:proliant:-`	—
Intel Prozessor Xeon 6 family Intel / Prozessor	`cpe:/h:intel:intel_prozessor:xeon_6_family`	Xeon 6 family
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
Intel Prozessor Xeon W2400 and W3400 Intel / Prozessor	`cpe:/h:intel:intel_prozessor:xeon_w2400_and_w3400`	Xeon W2400 and W3400
Intel Prozessor Xeon 6 with P-cores Intel / Prozessor	`cpe:/h:intel:intel_prozessor:xeon_6_with_p-cores`	Xeon 6 with P-cores
Intel Prozessor Xeon 6 with E-cores Intel / Prozessor	`cpe:/h:intel:intel_prozessor:xeon_6_with_e-cores`	Xeon 6 with E-cores
Dell PowerScale OneFS Dell / PowerScale	`cpe:/a:dell:powerscale_onefs:onefs`	OneFS
Intel Prozessor 5th, 4th Gen Xeon Scalable Processors Intel / Prozessor	`cpe:/h:intel:intel_prozessor:5th_4th_gen_xeon_scalable_processors`	5th, 4th Gen Xeon Scalable Processors
Intel Prozessor Xeon 6 TDX Module <2.0.08 Intel / Prozessor		Xeon 6 TDX Module <2.0.08
Intel Prozessor Xeon 6 E-cores TDX Module <1.5.13 Intel / Prozessor		Xeon 6 E-cores TDX Module <1.5.13
Intel Prozessor <IPU 2025.2 Update Intel / Prozessor		<IPU 2025.2 Update
Intel Prozessor Xeon 6 P-cores <010003A1 MR1 Intel / Prozessor		Xeon 6 P-cores <010003A1 MR1
Intel Prozessor Xeon 6 Scalable <010003A1 MR1 Intel / Prozessor		Xeon 6 Scalable <010003A1 MR1
Debian Linux Debian	`cpe:/o:debian:debian_linux:-`	—
SUSE Linux SUSE	`cpe:/o:suse:suse_linux:-`	—
HPE ProLiant HPE / ProLiant	`cpe:/h:hp:proliant:-`	—
SUSE openSUSE SUSE	`cpe:/o:suse:opensuse:-`	—
HP Computer HP / Computer	`cpe:/h:hp:computer:-`	—
Lenovo Computer Lenovo	`cpe:/h:lenovo:computer:-`	—

References

29 references

URL	Category
https://wid.cert-bund.de/.well-known/csaf/white/2…	self
https://wid.cert-bund.de/portal/wid/securityadvis…	self
https://www.intel.com/content/www/us/en/security-…	external
https://www.intel.com/content/www/us/en/security-…	external
https://www.intel.com/content/www/us/en/security-…	external
https://www.intel.com/content/www/us/en/security-…	external
https://intel.com/content/www/us/en/security-cent…	external
https://support.lenovo.com/us/en/product_security…	external
https://www.dell.com/support/kbdoc/000356015	external
https://www.dell.com/support/kbdoc/de-de/00032139…	external
https://www.dell.com/support/kbdoc/000355904	external
https://support.hp.com/de-de/document/ish_1288845…	external
https://support.hpe.com/hpesc/public/docDisplay?d…	external
https://support.hpe.com/hpesc/public/docDisplay?d…	external
https://lists.opensuse.org/archives/list/security…	external
https://lists.suse.com/pipermail/sle-security-upd…	external
https://lists.suse.com/pipermail/sle-security-upd…	external
https://www.dell.com/support/kbdoc/de-de/00036491…	external
https://lists.suse.com/pipermail/sle-security-upd…	external
https://lists.suse.com/pipermail/sle-security-upd…	external
https://alas.aws.amazon.com/AL2/ALAS2-2025-2994.html	external
https://alas.aws.amazon.com/AL2/ALAS2-2025-2993.html	external
https://lists.suse.com/pipermail/sle-security-upd…	external
https://alas.aws.amazon.com/AL2/ALAS2-2025-3014.html	external
https://www.dell.com/support/kbdoc/de-de/00036369…	external
https://lists.debian.org/debian-security-announce…	external
https://support.hpe.com/hpesc/public/docDisplay?d…	external
https://lists.debian.org/debian-lts-announce/2025…	external
https://support.hp.com/us-en/document/ish_1317605…	external

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "text": "mittel"
    },
    "category": "csaf_base",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "de-DE",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
      },
      {
        "category": "description",
        "text": "Der Prozessor ist das zentrale Rechenwerk eines Computers.",
        "title": "Produktbeschreibung"
      },
      {
        "category": "summary",
        "text": "Ein lokaler Angreifer kann mehrere Schwachstellen in Intel Prozessor ausnutzen, um seine Privilegien zu erh\u00f6hen, vertrauliche Informationen offenzulegen und einen Denial-of-Service-Zustand herbeizuf\u00fchren.",
        "title": "Angriff"
      },
      {
        "category": "general",
        "text": "- Hardware Appliance\n- Sonstiges",
        "title": "Betroffene Betriebssysteme"
      }
    ],
    "publisher": {
      "category": "other",
      "contact_details": "csaf-provider@cert-bund.de",
      "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
      "namespace": "https://www.bsi.bund.de"
    },
    "references": [
      {
        "category": "self",
        "summary": "WID-SEC-W-2025-1785 - CSAF Version",
        "url": "https://wid.cert-bund.de/.well-known/csaf/white/2025/wid-sec-w-2025-1785.json"
      },
      {
        "category": "self",
        "summary": "WID-SEC-2025-1785 - Portal Version",
        "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-1785"
      },
      {
        "category": "external",
        "summary": "Intel Security Advisory INTEL-SA-01245 vom 2025-08-12",
        "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01245.html"
      },
      {
        "category": "external",
        "summary": "Intel Security Advisory INTEL-SA-01249 vom 2025-08-12",
        "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01249.html"
      },
      {
        "category": "external",
        "summary": "Intel Security Advisory INTEL-SA-01308 vom 2025-08-12",
        "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01308.html"
      },
      {
        "category": "external",
        "summary": "Intel Security Advisory INTEL-SA-01311 vom 2025-08-12",
        "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01311.html"
      },
      {
        "category": "external",
        "summary": "Intel Security Advisory INTEL-SA-01310 vom 2025-08-12",
        "url": "https://intel.com/content/www/us/en/security-center/advisory/intel-sa-01310.html"
      },
      {
        "category": "external",
        "summary": "Lenovo Security Advisory LEN-200921 vom 2025-08-13",
        "url": "https://support.lenovo.com/us/en/product_security/LEN-200921"
      },
      {
        "category": "external",
        "summary": "Dell Security Advisory DSA-2025-323 vom 2025-08-13",
        "url": "https://www.dell.com/support/kbdoc/000356015"
      },
      {
        "category": "external",
        "summary": "Dell Security Advisory DSA-2025-211 vom 2025-08-12",
        "url": "https://www.dell.com/support/kbdoc/de-de/000321391/dsa-2025-211"
      },
      {
        "category": "external",
        "summary": "Dell Security Advisory DSA-2025-324 vom 2025-08-14",
        "url": "https://www.dell.com/support/kbdoc/000355904"
      },
      {
        "category": "external",
        "summary": "HP Security Bulletin HPSBHF04046 vom 2025-07-24",
        "url": "https://support.hp.com/de-de/document/ish_12888454-12888476-16/HPSBHF04046"
      },
      {
        "category": "external",
        "summary": "HP Security Bulletin HPESBHF04933 vom 2025-08-19",
        "url": "https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbhf04933en_us\u0026docLocale=en_US"
      },
      {
        "category": "external",
        "summary": "HP Security Bulletin HPESBHF04934 vom 2025-08-19",
        "url": "https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbhf04934en_us\u0026docLocale=en_US"
      },
      {
        "category": "external",
        "summary": "openSUSE Security Update OPENSUSE-SU-2025:15492-1 vom 2025-08-26",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/QCD4LGWFI6GUGOAC53YPUAQNABKWJ3FA/"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2025:03052-1 vom 2025-09-02",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2025-September/022382.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2025:03053-1 vom 2025-09-02",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2025-September/022381.html"
      },
      {
        "category": "external",
        "summary": "Dell Security Advisory DSA-2025-297 vom 2025-09-03",
        "url": "https://www.dell.com/support/kbdoc/de-de/000364913/dsa-2025-297-security-update-for-dell-poweredge-server-for-intel-2025-security-advisories-2025-3-ipu"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2025:03116-1 vom 2025-09-09",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2025-September/022411.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2025:20691-1 vom 2025-09-10",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2025-September/022460.html"
      },
      {
        "category": "external",
        "summary": "Amazon Linux Security Advisory ALAS2-2025-2994 vom 2025-09-16",
        "url": "https://alas.aws.amazon.com/AL2/ALAS2-2025-2994.html"
      },
      {
        "category": "external",
        "summary": "Amazon Linux Security Advisory ALAS2-2025-2993 vom 2025-09-16",
        "url": "https://alas.aws.amazon.com/AL2/ALAS2-2025-2993.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2025:20715-1 vom 2025-09-17",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2025-September/022557.html"
      },
      {
        "category": "external",
        "summary": "Amazon Linux Security Advisory ALAS2-2025-3014 vom 2025-09-29",
        "url": "https://alas.aws.amazon.com/AL2/ALAS2-2025-3014.html"
      },
      {
        "category": "external",
        "summary": "Dell Security Advisory DSA-2025-166 vom 2025-10-14",
        "url": "https://www.dell.com/support/kbdoc/de-de/000363693/dsa-2025-166-security-update-for-dell-powerscale-onefs-multiple-third-party-component-vulnerabilities"
      },
      {
        "category": "external",
        "summary": "Debian Security Advisory DSA-6030 vom 2025-10-22",
        "url": "https://lists.debian.org/debian-security-announce/2025/msg00196.html"
      },
      {
        "category": "external",
        "summary": "HP Security Bulletin HPESBHF04916 vom 2025-10-23",
        "url": "https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbhf04916en_us\u0026docLocale=en_US"
      },
      {
        "category": "external",
        "summary": "Debian Security Advisory DLA-4347 vom 2025-10-25",
        "url": "https://lists.debian.org/debian-lts-announce/2025/10/msg00027.html"
      },
      {
        "category": "external",
        "summary": "HP Security Bulletin HPSBHF04071 vom 2025-10-09",
        "url": "https://support.hp.com/us-en/document/ish_13176059-13176083-16/HPSBHF04071"
      }
    ],
    "source_lang": "en-US",
    "title": "Intel Prozessoren: Mehrere Schwachstellen",
    "tracking": {
      "current_release_date": "2025-10-29T23:00:00.000+00:00",
      "generator": {
        "date": "2025-10-30T08:13:48.211+00:00",
        "engine": {
          "name": "BSI-WID",
          "version": "1.4.0"
        }
      },
      "id": "WID-SEC-W-2025-1785",
      "initial_release_date": "2025-08-12T22:00:00.000+00:00",
      "revision_history": [
        {
          "date": "2025-08-12T22:00:00.000+00:00",
          "number": "1",
          "summary": "Initiale Fassung"
        },
        {
          "date": "2025-08-13T22:00:00.000+00:00",
          "number": "2",
          "summary": "Neue Updates von Dell und HP aufgenommen"
        },
        {
          "date": "2025-08-19T22:00:00.000+00:00",
          "number": "3",
          "summary": "Neue Updates von HP aufgenommen"
        },
        {
          "date": "2025-08-26T22:00:00.000+00:00",
          "number": "4",
          "summary": "Neue Updates von openSUSE aufgenommen"
        },
        {
          "date": "2025-09-02T22:00:00.000+00:00",
          "number": "5",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2025-09-03T22:00:00.000+00:00",
          "number": "6",
          "summary": "Neue Updates von Dell aufgenommen"
        },
        {
          "date": "2025-09-09T22:00:00.000+00:00",
          "number": "7",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2025-09-10T22:00:00.000+00:00",
          "number": "8",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2025-09-16T22:00:00.000+00:00",
          "number": "9",
          "summary": "Neue Updates von Amazon aufgenommen"
        },
        {
          "date": "2025-09-17T22:00:00.000+00:00",
          "number": "10",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2025-09-29T22:00:00.000+00:00",
          "number": "11",
          "summary": "Neue Updates von Amazon aufgenommen"
        },
        {
          "date": "2025-10-13T22:00:00.000+00:00",
          "number": "12",
          "summary": "Neue Updates von Dell aufgenommen"
        },
        {
          "date": "2025-10-22T22:00:00.000+00:00",
          "number": "13",
          "summary": "Neue Updates von Debian und HP aufgenommen"
        },
        {
          "date": "2025-10-26T23:00:00.000+00:00",
          "number": "14",
          "summary": "Neue Updates von Debian aufgenommen"
        },
        {
          "date": "2025-10-29T23:00:00.000+00:00",
          "number": "15",
          "summary": "Neue Updates von HP aufgenommen"
        }
      ],
      "status": "final",
      "version": "15"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Amazon Linux 2",
            "product": {
              "name": "Amazon Linux 2",
              "product_id": "398363",
              "product_identification_helper": {
                "cpe": "cpe:/o:amazon:linux_2:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Amazon"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Debian Linux",
            "product": {
              "name": "Debian Linux",
              "product_id": "2951",
              "product_identification_helper": {
                "cpe": "cpe:/o:debian:debian_linux:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Debian"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Dell Computer",
            "product": {
              "name": "Dell Computer",
              "product_id": "T036868",
              "product_identification_helper": {
                "cpe": "cpe:/o:dell:dell_computer:-"
              }
            }
          },
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Dell PowerEdge",
                "product": {
                  "name": "Dell PowerEdge",
                  "product_id": "T019535",
                  "product_identification_helper": {
                    "cpe": "cpe:/h:dell:poweredge:-"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Dell PowerEdge",
                "product": {
                  "name": "Dell PowerEdge",
                  "product_id": "T033533",
                  "product_identification_helper": {
                    "cpe": "cpe:/h:dell:poweredge:-"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "PowerEdge"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "OneFS",
                "product": {
                  "name": "Dell PowerScale OneFS",
                  "product_id": "T034610",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:dell:powerscale_onefs:onefs"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "PowerScale"
          }
        ],
        "category": "vendor",
        "name": "Dell"
      },
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "HP Computer",
                "product": {
                  "name": "HP Computer",
                  "product_id": "T030989",
                  "product_identification_helper": {
                    "cpe": "cpe:/h:hp:computer:-"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "HP Computer",
                "product": {
                  "name": "HP Computer",
                  "product_id": "T032786",
                  "product_identification_helper": {
                    "cpe": "cpe:/h:hp:computer:-"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "Computer"
          }
        ],
        "category": "vendor",
        "name": "HP"
      },
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "HPE ProLiant",
                "product": {
                  "name": "HPE ProLiant",
                  "product_id": "T027705",
                  "product_identification_helper": {
                    "cpe": "cpe:/h:hp:proliant:-"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "HPE ProLiant",
                "product": {
                  "name": "HPE ProLiant",
                  "product_id": "T027712",
                  "product_identification_helper": {
                    "cpe": "cpe:/h:hp:proliant:-"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "ProLiant"
          }
        ],
        "category": "vendor",
        "name": "HPE"
      },
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "4th Gen Xeon TDX Module \u003c1.5.13",
                "product": {
                  "name": "Intel Prozessor 4th Gen Xeon TDX Module \u003c1.5.13",
                  "product_id": "T045803"
                }
              },
              {
                "category": "product_version",
                "name": "4th Gen Xeon TDX Module 1.5.13",
                "product": {
                  "name": "Intel Prozessor 4th Gen Xeon TDX Module 1.5.13",
                  "product_id": "T045803-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/h:intel:intel_prozessor:4th_gen_xeon_tdx_module__1.5.13"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "5th Gen Xeon TDX Module \u003c1.5.13",
                "product": {
                  "name": "Intel Prozessor 5th Gen Xeon TDX Module \u003c1.5.13",
                  "product_id": "T045804"
                }
              },
              {
                "category": "product_version",
                "name": "5th Gen Xeon TDX Module 1.5.13",
                "product": {
                  "name": "Intel Prozessor 5th Gen Xeon TDX Module 1.5.13",
                  "product_id": "T045804-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/h:intel:intel_prozessor:5th_gen_xeon_tdx_module__1.5.13"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "Xeon 6 E-cores TDX Module \u003c1.5.13",
                "product": {
                  "name": "Intel Prozessor Xeon 6 E-cores TDX Module \u003c1.5.13",
                  "product_id": "T045805"
                }
              },
              {
                "category": "product_version",
                "name": "Xeon 6 E-cores TDX Module 1.5.13",
                "product": {
                  "name": "Intel Prozessor Xeon 6 E-cores TDX Module 1.5.13",
                  "product_id": "T045805-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/h:intel:intel_prozessor:xeon_6_e-cores_tdx_module__1.5.13"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "Xeon 6 TDX Module \u003c2.0.08",
                "product": {
                  "name": "Intel Prozessor Xeon 6 TDX Module \u003c2.0.08",
                  "product_id": "T045806"
                }
              },
              {
                "category": "product_version",
                "name": "Xeon 6 TDX Module 2.0.08",
                "product": {
                  "name": "Intel Prozessor Xeon 6 TDX Module 2.0.08",
                  "product_id": "T045806-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/h:intel:intel_prozessor:xeon_6_tdx_module__2.0.08"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003cIPU 2025.2 Update",
                "product": {
                  "name": "Intel Prozessor \u003cIPU 2025.2 Update",
                  "product_id": "T045807"
                }
              },
              {
                "category": "product_version",
                "name": "IPU 2025.2 Update",
                "product": {
                  "name": "Intel Prozessor IPU 2025.2 Update",
                  "product_id": "T045807-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/h:intel:intel_prozessor:ipu_2025.2_update"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "Xeon 6 P-cores \u003c010003A1 MR1",
                "product": {
                  "name": "Intel Prozessor Xeon 6 P-cores \u003c010003A1 MR1",
                  "product_id": "T045809"
                }
              },
              {
                "category": "product_version",
                "name": "Xeon 6 P-cores 010003A1 MR1",
                "product": {
                  "name": "Intel Prozessor Xeon 6 P-cores 010003A1 MR1",
                  "product_id": "T045809-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/h:intel:intel_prozessor:xeon_6_p-cores__010003a1_mr1"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "Xeon 6 Scalable \u003c010003A1 MR1",
                "product": {
                  "name": "Intel Prozessor Xeon 6 Scalable \u003c010003A1 MR1",
                  "product_id": "T045810"
                }
              },
              {
                "category": "product_version",
                "name": "Xeon 6 Scalable 010003A1 MR1",
                "product": {
                  "name": "Intel Prozessor Xeon 6 Scalable 010003A1 MR1",
                  "product_id": "T045810-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/h:intel:intel_prozessor:xeon_6_scalable__010003a1_mr1"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "Xeon 4,5,6 \u003c1.5.16",
                "product": {
                  "name": "Intel Prozessor Xeon 4,5,6 \u003c1.5.16",
                  "product_id": "T046051"
                }
              },
              {
                "category": "product_version",
                "name": "Xeon 4,5,6 1.5.16",
                "product": {
                  "name": "Intel Prozessor Xeon 4,5,6 1.5.16",
                  "product_id": "T046051-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/h:intel:intel_prozessor:xeon_456__1.5.16"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "Xeon 6 P-cores \u003c2.0.8",
                "product": {
                  "name": "Intel Prozessor Xeon 6 P-cores \u003c2.0.8",
                  "product_id": "T046052"
                }
              },
              {
                "category": "product_version",
                "name": "Xeon 6 P-cores 2.0.8",
                "product": {
                  "name": "Intel Prozessor Xeon 6 P-cores 2.0.8",
                  "product_id": "T046052-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/h:intel:intel_prozessor:xeon_6_p-cores__2.0.8"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "Xeon W2400 and W3400",
                "product": {
                  "name": "Intel Prozessor Xeon W2400 and W3400",
                  "product_id": "T046054",
                  "product_identification_helper": {
                    "cpe": "cpe:/h:intel:intel_prozessor:xeon_w2400_and_w3400"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "Xeon 6 family",
                "product": {
                  "name": "Intel Prozessor Xeon 6 family",
                  "product_id": "T046056",
                  "product_identification_helper": {
                    "cpe": "cpe:/h:intel:intel_prozessor:xeon_6_family"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "Xeon 6 with E-cores",
                "product": {
                  "name": "Intel Prozessor Xeon 6 with E-cores",
                  "product_id": "T046057",
                  "product_identification_helper": {
                    "cpe": "cpe:/h:intel:intel_prozessor:xeon_6_with_e-cores"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "Xeon 6 with P-cores",
                "product": {
                  "name": "Intel Prozessor Xeon 6 with P-cores",
                  "product_id": "T046059",
                  "product_identification_helper": {
                    "cpe": "cpe:/h:intel:intel_prozessor:xeon_6_with_p-cores"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "5th, 4th Gen Xeon Scalable Processors",
                "product": {
                  "name": "Intel Prozessor 5th, 4th Gen Xeon Scalable Processors",
                  "product_id": "T046063",
                  "product_identification_helper": {
                    "cpe": "cpe:/h:intel:intel_prozessor:5th_4th_gen_xeon_scalable_processors"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "Prozessor"
          }
        ],
        "category": "vendor",
        "name": "Intel"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Lenovo Computer",
            "product": {
              "name": "Lenovo Computer",
              "product_id": "T026557",
              "product_identification_helper": {
                "cpe": "cpe:/h:lenovo:computer:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Lenovo"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "SUSE Linux",
            "product": {
              "name": "SUSE Linux",
              "product_id": "T002207",
              "product_identification_helper": {
                "cpe": "cpe:/o:suse:suse_linux:-"
              }
            }
          },
          {
            "category": "product_name",
            "name": "SUSE openSUSE",
            "product": {
              "name": "SUSE openSUSE",
              "product_id": "T027843",
              "product_identification_helper": {
                "cpe": "cpe:/o:suse:opensuse:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "SUSE"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2025-20044",
      "product_status": {
        "known_affected": [
          "T032786",
          "T033533",
          "T034610",
          "T046051",
          "T046063",
          "T046052",
          "T036868",
          "T045806",
          "T045805",
          "T019535",
          "2951",
          "T002207",
          "T027705",
          "T045804",
          "T045803",
          "T027843",
          "T030989",
          "T027712",
          "398363",
          "T026557"
        ]
      },
      "release_date": "2025-08-12T22:00:00.000+00:00",
      "title": "CVE-2025-20044"
    },
    {
      "cve": "CVE-2025-20053",
      "product_status": {
        "known_affected": [
          "T032786",
          "T033533",
          "T034610",
          "T046063",
          "T036868",
          "T019535",
          "2951",
          "T002207",
          "T027705",
          "T027843",
          "T030989",
          "T027712",
          "T046056",
          "398363",
          "T026557",
          "T046054",
          "T046057"
        ]
      },
      "release_date": "2025-08-12T22:00:00.000+00:00",
      "title": "CVE-2025-20053"
    },
    {
      "cve": "CVE-2025-21090",
      "product_status": {
        "known_affected": [
          "T032786",
          "T033533",
          "T034610",
          "T046063",
          "T036868",
          "T019535",
          "2951",
          "T002207",
          "T027705",
          "T027843",
          "T030989",
          "T027712",
          "T046056",
          "398363",
          "T026557",
          "T046054",
          "T046057"
        ]
      },
      "release_date": "2025-08-12T22:00:00.000+00:00",
      "title": "CVE-2025-21090"
    },
    {
      "cve": "CVE-2025-24305",
      "product_status": {
        "known_affected": [
          "T032786",
          "T033533",
          "T034610",
          "T046063",
          "T036868",
          "T019535",
          "2951",
          "T002207",
          "T027705",
          "T027843",
          "T030989",
          "T027712",
          "T046056",
          "398363",
          "T026557",
          "T046054",
          "T046057"
        ]
      },
      "release_date": "2025-08-12T22:00:00.000+00:00",
      "title": "CVE-2025-24305"
    },
    {
      "cve": "CVE-2025-20109",
      "product_status": {
        "known_affected": [
          "T032786",
          "T033533",
          "T034610",
          "T046051",
          "T046063",
          "T046052",
          "T036868",
          "T045807",
          "T019535",
          "2951",
          "T002207",
          "T027705",
          "T027843",
          "T030989",
          "T027712",
          "398363",
          "T026557"
        ]
      },
      "release_date": "2025-08-12T22:00:00.000+00:00",
      "title": "CVE-2025-20109"
    },
    {
      "cve": "CVE-2025-20613",
      "product_status": {
        "known_affected": [
          "T032786",
          "T033533",
          "T034610",
          "T046051",
          "T046063",
          "T046052",
          "T036868",
          "T019535",
          "2951",
          "T002207",
          "T027705",
          "T027843",
          "T030989",
          "T027712",
          "398363",
          "T026557"
        ]
      },
      "release_date": "2025-08-12T22:00:00.000+00:00",
      "title": "CVE-2025-20613"
    },
    {
      "cve": "CVE-2025-21096",
      "product_status": {
        "known_affected": [
          "T032786",
          "T033533",
          "T034610",
          "T046051",
          "T046063",
          "T046052",
          "T036868",
          "T019535",
          "2951",
          "T002207",
          "T027705",
          "T027843",
          "T030989",
          "T027712",
          "398363",
          "T026557"
        ]
      },
      "release_date": "2025-08-12T22:00:00.000+00:00",
      "title": "CVE-2025-21096"
    },
    {
      "cve": "CVE-2025-22853",
      "product_status": {
        "known_affected": [
          "T032786",
          "T033533",
          "T034610",
          "T046051",
          "T046063",
          "T046052",
          "T036868",
          "T019535",
          "2951",
          "T002207",
          "T027705",
          "T027843",
          "T030989",
          "T027712",
          "398363",
          "T026557"
        ]
      },
      "release_date": "2025-08-12T22:00:00.000+00:00",
      "title": "CVE-2025-22853"
    },
    {
      "cve": "CVE-2025-22840",
      "product_status": {
        "known_affected": [
          "T032786",
          "T033533",
          "T034610",
          "T046051",
          "T046063",
          "T046052",
          "T036868",
          "T019535",
          "T045810",
          "2951",
          "T002207",
          "T027705",
          "T027843",
          "T030989",
          "T027712",
          "398363",
          "T026557"
        ]
      },
      "release_date": "2025-08-12T22:00:00.000+00:00",
      "title": "CVE-2025-22840"
    },
    {
      "cve": "CVE-2025-22889",
      "product_status": {
        "known_affected": [
          "T032786",
          "T033533",
          "T034610",
          "T046051",
          "T046063",
          "T046052",
          "T036868",
          "T045809",
          "T019535",
          "2951",
          "T002207",
          "T027705",
          "T027843",
          "T030989",
          "T027712",
          "398363",
          "T026557"
        ]
      },
      "release_date": "2025-08-12T22:00:00.000+00:00",
      "title": "CVE-2025-22889"
    },
    {
      "cve": "CVE-2025-26403",
      "product_status": {
        "known_affected": [
          "T032786",
          "T033533",
          "T034610",
          "T046063",
          "T036868",
          "T019535",
          "2951",
          "T002207",
          "T027705",
          "T027843",
          "T030989",
          "T027712",
          "398363",
          "T026557",
          "T046059",
          "T046057"
        ]
      },
      "release_date": "2025-08-12T22:00:00.000+00:00",
      "title": "CVE-2025-26403"
    },
    {
      "cve": "CVE-2025-32086",
      "product_status": {
        "known_affected": [
          "T032786",
          "T033533",
          "T034610",
          "T046063",
          "T036868",
          "T019535",
          "2951",
          "T002207",
          "T027705",
          "T027843",
          "T030989",
          "T027712",
          "398363",
          "T026557",
          "T046059",
          "T046057"
        ]
      },
      "release_date": "2025-08-12T22:00:00.000+00:00",
      "title": "CVE-2025-32086"
    },
    {
      "cve": "CVE-2025-22839",
      "product_status": {
        "known_affected": [
          "T032786",
          "T033533",
          "T046051",
          "T046052",
          "T036868",
          "T019535",
          "T045804",
          "T045803",
          "T027712",
          "T046056",
          "398363",
          "T046054",
          "T046059",
          "T046057",
          "T034610",
          "T046063",
          "T045806",
          "T045805",
          "T045807",
          "T045809",
          "T045810",
          "2951",
          "T002207",
          "T027705",
          "T027843",
          "T030989",
          "T026557"
        ]
      },
      "release_date": "2025-08-12T22:00:00.000+00:00",
      "title": "CVE-2025-22839"
    }
  ]
}

CVE-2025-20044 (GCVE-0-2025-20044)

Vulnerability from cvelistv5 – Published: 2025-08-12 17:29 – Updated: 2026-02-26 17:49

Summary

Improper locking for some Intel(R) TDX Module firmware before version 1.5.13 may allow a privileged user to potentially enable escalation of privilege via local access.

Severity

4.1 (Medium)


                        
                          CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:H/A:N

CWE

Escalation of Privilege
CWE-667 - Improper Locking

Assigner

intel

References

1 reference

URL	Tags
https://intel.com/content/www/us/en/security-cent…

Impacted products

1 product

Vendor	Product	Version
n/a	Intel(R) TDX Module firmware	Affected: before version 1.5.13

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-20044",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-08-14T03:55:59.103025Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-02-26T17:49:03.287Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Intel(R) TDX Module firmware",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "before version 1.5.13"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Improper locking for some Intel(R) TDX Module firmware before version 1.5.13 may allow a privileged user to potentially enable escalation of privilege via local access."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "LOCAL",
            "availabilityImpact": "NONE",
            "baseScore": 4.1,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "HIGH",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:H/A:N",
            "version": "3.1"
          },
          "cvssV4_0": {
            "attackComplexity": "HIGH",
            "attackRequirements": "PRESENT",
            "attackVector": "LOCAL",
            "baseScore": 5.6,
            "baseSeverity": "MEDIUM",
            "privilegesRequired": "HIGH",
            "subAvailabilityImpact": "NONE",
            "subConfidentialityImpact": "NONE",
            "subIntegrityImpact": "NONE",
            "userInteraction": "NONE",
            "vectorString": "CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N",
            "version": "4.0",
            "vulnAvailabilityImpact": "NONE",
            "vulnConfidentialityImpact": "NONE",
            "vulnIntegrityImpact": "HIGH"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Escalation of Privilege",
              "lang": "en"
            },
            {
              "cweId": "CWE-667",
              "description": "Improper Locking",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-08-12T17:29:04.317Z",
        "orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
        "shortName": "intel"
      },
      "references": [
        {
          "name": "https://intel.com/content/www/us/en/security-center/advisory/intel-sa-01245.html",
          "url": "https://intel.com/content/www/us/en/security-center/advisory/intel-sa-01245.html"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
    "assignerShortName": "intel",
    "cveId": "CVE-2025-20044",
    "datePublished": "2025-08-12T17:29:04.317Z",
    "dateReserved": "2024-10-10T03:00:11.181Z",
    "dateUpdated": "2026-02-26T17:49:03.287Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2025-20053 (GCVE-0-2025-20053)

Vulnerability from cvelistv5 – Published: 2025-08-12 16:58 – Updated: 2026-02-26 17:49

Summary

Improper buffer restrictions for some Intel(R) Xeon(R) Processor firmware with SGX enabled may allow a privileged user to potentially enable escalation of privilege via local access.

Severity

7.2 (High)


                        
                          CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:N

CWE

Escalation of Privilege
CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer

Assigner

intel

References

1 reference

URL	Tags
https://intel.com/content/www/us/en/security-cent…

Impacted products

1 product

Vendor	Product	Version
n/a	Intel(R) Xeon(R) Processor firmware with SGX enabled	Affected: See references

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-20053",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-08-13T15:04:33.196160Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-02-26T17:49:39.752Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2025-11-03T17:32:05.343Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "url": "https://lists.debian.org/debian-lts-announce/2025/10/msg00027.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Intel(R) Xeon(R) Processor firmware with SGX enabled",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "See references"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Improper buffer restrictions for some Intel(R) Xeon(R) Processor firmware with SGX enabled may allow a privileged user to potentially enable escalation of privilege via local access."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "LOCAL",
            "availabilityImpact": "NONE",
            "baseScore": 7.2,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "HIGH",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:N",
            "version": "3.1"
          },
          "cvssV4_0": {
            "attackComplexity": "HIGH",
            "attackRequirements": "NONE",
            "attackVector": "LOCAL",
            "baseScore": 7,
            "baseSeverity": "HIGH",
            "privilegesRequired": "HIGH",
            "subAvailabilityImpact": "NONE",
            "subConfidentialityImpact": "NONE",
            "subIntegrityImpact": "NONE",
            "userInteraction": "NONE",
            "vectorString": "CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N",
            "version": "4.0",
            "vulnAvailabilityImpact": "NONE",
            "vulnConfidentialityImpact": "HIGH",
            "vulnIntegrityImpact": "HIGH"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Escalation of Privilege",
              "lang": "en"
            },
            {
              "cweId": "CWE-119",
              "description": "Improper Restriction of Operations within the Bounds of a Memory Buffer",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-08-12T16:58:03.436Z",
        "orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
        "shortName": "intel"
      },
      "references": [
        {
          "name": "https://intel.com/content/www/us/en/security-center/advisory/intel-sa-01313.html",
          "url": "https://intel.com/content/www/us/en/security-center/advisory/intel-sa-01313.html"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
    "assignerShortName": "intel",
    "cveId": "CVE-2025-20053",
    "datePublished": "2025-08-12T16:58:03.436Z",
    "dateReserved": "2025-01-16T04:00:23.817Z",
    "dateUpdated": "2026-02-26T17:49:39.752Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2025-20109 (GCVE-0-2025-20109)

Vulnerability from cvelistv5 – Published: 2025-08-12 16:58 – Updated: 2026-02-26 17:49

Summary

Improper Isolation or Compartmentalization in the stream cache mechanism for some Intel(R) Processors may allow an authenticated user to potentially enable escalation of privilege via local access.

Severity

7.8 (High)


                        
                          CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H

CWE

Escalation of Privilege
CWE-653 - Improper Isolation or Compartmentalization

Assigner

intel

References

1 reference

URL	Tags
https://intel.com/content/www/us/en/security-cent…

Impacted products

1 product

Vendor	Product	Version
n/a	Intel(R) Processors	Affected: See references

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-20109",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-08-13T15:04:38.127973Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-02-26T17:49:37.355Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2025-11-03T17:32:06.320Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "url": "https://lists.debian.org/debian-lts-announce/2025/10/msg00027.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Intel(R) Processors",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "See references"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Improper Isolation or Compartmentalization in the stream cache mechanism for some Intel(R) Processors may allow an authenticated user to potentially enable escalation of privilege via local access."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H",
            "version": "3.1"
          },
          "cvssV4_0": {
            "attackComplexity": "HIGH",
            "attackRequirements": "PRESENT",
            "attackVector": "LOCAL",
            "baseScore": 7.3,
            "baseSeverity": "HIGH",
            "privilegesRequired": "LOW",
            "subAvailabilityImpact": "NONE",
            "subConfidentialityImpact": "NONE",
            "subIntegrityImpact": "NONE",
            "userInteraction": "NONE",
            "vectorString": "CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
            "version": "4.0",
            "vulnAvailabilityImpact": "HIGH",
            "vulnConfidentialityImpact": "HIGH",
            "vulnIntegrityImpact": "HIGH"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Escalation of Privilege",
              "lang": "en"
            },
            {
              "cweId": "CWE-653",
              "description": "Improper Isolation or Compartmentalization",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-08-12T16:58:18.377Z",
        "orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
        "shortName": "intel"
      },
      "references": [
        {
          "name": "https://intel.com/content/www/us/en/security-center/advisory/intel-sa-01249.html",
          "url": "https://intel.com/content/www/us/en/security-center/advisory/intel-sa-01249.html"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
    "assignerShortName": "intel",
    "cveId": "CVE-2025-20109",
    "datePublished": "2025-08-12T16:58:18.377Z",
    "dateReserved": "2024-10-10T03:00:11.159Z",
    "dateUpdated": "2026-02-26T17:49:37.355Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2025-20613 (GCVE-0-2025-20613)

Vulnerability from cvelistv5 – Published: 2025-08-12 16:58 – Updated: 2025-08-12 19:22

Summary

Predictable Seed in Pseudo-Random Number Generator (PRNG) in the firmware for some Intel(R) TDX may allow an authenticated user to potentially enable information disclosure via local access.

Severity

3.3 (Low)


                        
                          CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

CWE

Information Disclosure
CWE-337 - Predictable Seed in Pseudo-Random Number Generator (PRNG)

Assigner

intel

References

1 reference

URL	Tags
https://intel.com/content/www/us/en/security-cent…

Impacted products

1 product

Vendor	Product	Version
n/a	Intel(R) TDX	Affected: See references

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-20613",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-08-12T19:22:09.607908Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-08-12T19:22:19.332Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Intel(R) TDX",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "See references"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Predictable Seed in Pseudo-Random Number Generator (PRNG) in the firmware for some Intel(R) TDX may allow an authenticated user to potentially enable information disclosure via local access."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "NONE",
            "baseScore": 3.3,
            "baseSeverity": "LOW",
            "confidentialityImpact": "LOW",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
            "version": "3.1"
          },
          "cvssV4_0": {
            "attackComplexity": "LOW",
            "attackRequirements": "PRESENT",
            "attackVector": "LOCAL",
            "baseScore": 2,
            "baseSeverity": "LOW",
            "privilegesRequired": "LOW",
            "subAvailabilityImpact": "NONE",
            "subConfidentialityImpact": "NONE",
            "subIntegrityImpact": "NONE",
            "userInteraction": "NONE",
            "vectorString": "CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N",
            "version": "4.0",
            "vulnAvailabilityImpact": "NONE",
            "vulnConfidentialityImpact": "LOW",
            "vulnIntegrityImpact": "NONE"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Information Disclosure",
              "lang": "en"
            },
            {
              "cweId": "CWE-337",
              "description": "Predictable Seed in Pseudo-Random Number Generator (PRNG)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-08-12T16:58:20.129Z",
        "orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
        "shortName": "intel"
      },
      "references": [
        {
          "name": "https://intel.com/content/www/us/en/security-center/advisory/intel-sa-01312.html",
          "url": "https://intel.com/content/www/us/en/security-center/advisory/intel-sa-01312.html"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
    "assignerShortName": "intel",
    "cveId": "CVE-2025-20613",
    "datePublished": "2025-08-12T16:58:20.129Z",
    "dateReserved": "2025-01-08T04:00:28.773Z",
    "dateUpdated": "2025-08-12T19:22:19.332Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2025-21090 (GCVE-0-2025-21090)

Vulnerability from cvelistv5 – Published: 2025-08-12 16:58 – Updated: 2025-11-03 17:32

Summary

Missing reference to active allocated resource for some Intel(R) Xeon(R) processors may allow an authenticated user to potentially enable denial of service via local access.

Severity

6.5 (Medium)


                        
                          CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H

CWE

Denial of Service
CWE-771 - Missing Reference to Active Allocated Resource

Assigner

intel

References

1 reference

URL	Tags
https://intel.com/content/www/us/en/security-cent…

Impacted products

1 product

Vendor	Product	Version
n/a	Intel(R) Xeon(R) processors	Affected: See references

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-21090",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-08-12T19:09:39.376713Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-08-12T20:52:04.760Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2025-11-03T17:32:07.274Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "url": "https://lists.debian.org/debian-lts-announce/2025/10/msg00027.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Intel(R) Xeon(R) processors",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "See references"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Missing reference to active allocated resource for some Intel(R) Xeon(R) processors may allow an authenticated user to potentially enable denial of service via local access."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H",
            "version": "3.1"
          },
          "cvssV4_0": {
            "attackComplexity": "LOW",
            "attackRequirements": "PRESENT",
            "attackVector": "PHYSICAL",
            "baseScore": 4.1,
            "baseSeverity": "MEDIUM",
            "privilegesRequired": "LOW",
            "subAvailabilityImpact": "NONE",
            "subConfidentialityImpact": "NONE",
            "subIntegrityImpact": "NONE",
            "userInteraction": "NONE",
            "vectorString": "CVSS:4.0/AV:P/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
            "version": "4.0",
            "vulnAvailabilityImpact": "HIGH",
            "vulnConfidentialityImpact": "NONE",
            "vulnIntegrityImpact": "NONE"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Denial of Service",
              "lang": "en"
            },
            {
              "cweId": "CWE-771",
              "description": "Missing Reference to Active Allocated Resource",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-08-12T16:58:26.621Z",
        "orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
        "shortName": "intel"
      },
      "references": [
        {
          "name": "https://intel.com/content/www/us/en/security-center/advisory/intel-sa-01313.html",
          "url": "https://intel.com/content/www/us/en/security-center/advisory/intel-sa-01313.html"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
    "assignerShortName": "intel",
    "cveId": "CVE-2025-21090",
    "datePublished": "2025-08-12T16:58:26.621Z",
    "dateReserved": "2025-01-09T04:00:22.738Z",
    "dateUpdated": "2025-11-03T17:32:07.274Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2025-21096 (GCVE-0-2025-21096)

Vulnerability from cvelistv5 – Published: 2025-08-12 16:58 – Updated: 2026-02-26 17:49

Summary

Improper buffer restrictions in the firmware for some Intel(R) TDX may allow a privileged user to potentially enable escalation of privilege via local access.

Severity

1.9 (Low)


                        
                          CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:L/A:N

CWE

Escalation of Privilege
CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer

Assigner

intel

References

1 reference

URL	Tags
https://intel.com/content/www/us/en/security-cent…

Impacted products

1 product

Vendor	Product	Version
n/a	Intel(R) TDX	Affected: See references

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-21096",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-08-13T15:04:44.469870Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-02-26T17:49:34.117Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Intel(R) TDX",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "See references"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Improper buffer restrictions in the firmware for some Intel(R) TDX may allow a privileged user to potentially enable escalation of privilege via local access."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "LOCAL",
            "availabilityImpact": "NONE",
            "baseScore": 1.9,
            "baseSeverity": "LOW",
            "confidentialityImpact": "NONE",
            "integrityImpact": "LOW",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:L/A:N",
            "version": "3.1"
          },
          "cvssV4_0": {
            "attackComplexity": "HIGH",
            "attackRequirements": "NONE",
            "attackVector": "LOCAL",
            "baseScore": 2,
            "baseSeverity": "LOW",
            "privilegesRequired": "HIGH",
            "subAvailabilityImpact": "NONE",
            "subConfidentialityImpact": "NONE",
            "subIntegrityImpact": "NONE",
            "userInteraction": "NONE",
            "vectorString": "CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N",
            "version": "4.0",
            "vulnAvailabilityImpact": "NONE",
            "vulnConfidentialityImpact": "NONE",
            "vulnIntegrityImpact": "LOW"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Escalation of Privilege",
              "lang": "en"
            },
            {
              "cweId": "CWE-119",
              "description": "Improper Restriction of Operations within the Bounds of a Memory Buffer",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-08-12T16:58:29.807Z",
        "orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
        "shortName": "intel"
      },
      "references": [
        {
          "name": "https://intel.com/content/www/us/en/security-center/advisory/intel-sa-01312.html",
          "url": "https://intel.com/content/www/us/en/security-center/advisory/intel-sa-01312.html"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
    "assignerShortName": "intel",
    "cveId": "CVE-2025-21096",
    "datePublished": "2025-08-12T16:58:29.807Z",
    "dateReserved": "2025-01-16T04:00:23.740Z",
    "dateUpdated": "2026-02-26T17:49:34.117Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2025-22839 (GCVE-0-2025-22839)

Vulnerability from cvelistv5 – Published: 2025-08-12 16:58 – Updated: 2026-02-26 17:49

Summary

Insufficient granularity of access control in the OOB-MSM for some Intel(R) Xeon(R) 6 Scalable processors may allow a privileged user to potentially enable escalation of privilege via adjacent access.

Severity

7.5 (High)


                        
                          CVSS:3.1/AV:A/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:L

CWE

Escalation of Privilege
CWE-1220 - Insufficient Granularity of Access Control

Assigner

intel

References

1 reference

URL	Tags
https://intel.com/content/www/us/en/security-cent…

Impacted products

1 product

Vendor	Product	Version
n/a	Intel(R) Xeon(R) 6 Scalable processors	Affected: See references

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-22839",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-08-13T15:04:45.685358Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-02-26T17:49:33.308Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2025-11-03T17:32:11.118Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "url": "https://lists.debian.org/debian-lts-announce/2025/10/msg00027.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Intel(R) Xeon(R) 6 Scalable processors",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "See references"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Insufficient granularity of access control in the OOB-MSM for some Intel(R) Xeon(R) 6 Scalable processors may allow a privileged user to potentially enable escalation of privilege via adjacent access."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "ADJACENT_NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "HIGH",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:A/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:L",
            "version": "3.1"
          },
          "cvssV4_0": {
            "attackComplexity": "HIGH",
            "attackRequirements": "PRESENT",
            "attackVector": "ADJACENT",
            "baseScore": 7.3,
            "baseSeverity": "HIGH",
            "privilegesRequired": "HIGH",
            "subAvailabilityImpact": "NONE",
            "subConfidentialityImpact": "NONE",
            "subIntegrityImpact": "NONE",
            "userInteraction": "NONE",
            "vectorString": "CVSS:4.0/AV:A/AC:H/AT:P/PR:H/UI:N/VC:H/VI:H/VA:L/SC:N/SI:N/SA:N",
            "version": "4.0",
            "vulnAvailabilityImpact": "LOW",
            "vulnConfidentialityImpact": "HIGH",
            "vulnIntegrityImpact": "HIGH"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Escalation of Privilege",
              "lang": "en"
            },
            {
              "cweId": "CWE-1220",
              "description": "Insufficient Granularity of Access Control",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-08-12T16:58:36.355Z",
        "orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
        "shortName": "intel"
      },
      "references": [
        {
          "name": "https://intel.com/content/www/us/en/security-center/advisory/intel-sa-01310.html",
          "url": "https://intel.com/content/www/us/en/security-center/advisory/intel-sa-01310.html"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
    "assignerShortName": "intel",
    "cveId": "CVE-2025-22839",
    "datePublished": "2025-08-12T16:58:36.355Z",
    "dateReserved": "2025-01-16T04:00:23.780Z",
    "dateUpdated": "2026-02-26T17:49:33.308Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2025-22840 (GCVE-0-2025-22840)

Vulnerability from cvelistv5 – Published: 2025-08-12 16:58 – Updated: 2026-02-26 17:49

Summary

Sequence of processor instructions leads to unexpected behavior for some Intel(R) Xeon(R) 6 Scalable processors may allow an authenticated user to potentially enable escalation of privilege via local access

Severity

7.4 (High)


                        
                          CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:L

CWE

Escalation of Privilege
CWE-1281 - Sequence of Processor Instructions Leads to Unexpected Behavior

Assigner

intel

References

1 reference

URL	Tags
https://intel.com/content/www/us/en/security-cent…

Impacted products

1 product

Vendor	Product	Version
n/a	Intel(R) Xeon(R) 6 Scalable processors	Affected: See references

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-22840",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-08-14T03:55:09.729271Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-02-26T17:49:32.918Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2025-11-03T17:32:12.054Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "url": "https://lists.debian.org/debian-lts-announce/2025/10/msg00027.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Intel(R) Xeon(R) 6 Scalable processors",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "See references"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Sequence of processor instructions leads to unexpected behavior for some Intel(R) Xeon(R) 6 Scalable processors may allow an authenticated user to potentially enable escalation of privilege via local access"
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "LOCAL",
            "availabilityImpact": "LOW",
            "baseScore": 7.4,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "CHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:L",
            "version": "3.1"
          },
          "cvssV4_0": {
            "attackComplexity": "HIGH",
            "attackRequirements": "PRESENT",
            "attackVector": "LOCAL",
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "privilegesRequired": "LOW",
            "subAvailabilityImpact": "NONE",
            "subConfidentialityImpact": "NONE",
            "subIntegrityImpact": "NONE",
            "userInteraction": "PASSIVE",
            "vectorString": "CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:P/VC:H/VI:H/VA:L/SC:N/SI:N/SA:N",
            "version": "4.0",
            "vulnAvailabilityImpact": "LOW",
            "vulnConfidentialityImpact": "HIGH",
            "vulnIntegrityImpact": "HIGH"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Escalation of Privilege",
              "lang": "en"
            },
            {
              "cweId": "CWE-1281",
              "description": "Sequence of Processor Instructions Leads to Unexpected Behavior",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-08-12T16:58:37.844Z",
        "orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
        "shortName": "intel"
      },
      "references": [
        {
          "name": "https://intel.com/content/www/us/en/security-center/advisory/intel-sa-01308.html",
          "url": "https://intel.com/content/www/us/en/security-center/advisory/intel-sa-01308.html"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
    "assignerShortName": "intel",
    "cveId": "CVE-2025-22840",
    "datePublished": "2025-08-12T16:58:37.844Z",
    "dateReserved": "2025-01-08T04:00:28.820Z",
    "dateUpdated": "2026-02-26T17:49:32.918Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2025-22853 (GCVE-0-2025-22853)

Vulnerability from cvelistv5 – Published: 2025-08-12 16:58 – Updated: 2026-02-26 17:49

Summary

Improper synchronization in the firmware for some Intel(R) TDX may allow a privileged user to potentially enable escalation of privilege via local access.

Severity

2.3 (Low)


                        
                          CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N

CWE

Escalation of Privilege
CWE-662 - Improper Synchronization

Assigner

intel

References

1 reference

URL	Tags
https://intel.com/content/www/us/en/security-cent…

Impacted products

1 product

Vendor	Product	Version
n/a	Intel(R) TDX	Affected: See references

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-22853",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-08-14T03:55:10.986233Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-02-26T17:49:32.449Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Intel(R) TDX",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "See references"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Improper synchronization in the firmware for some Intel(R) TDX may allow a privileged user to potentially enable escalation of privilege via local access."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "NONE",
            "baseScore": 2.3,
            "baseSeverity": "LOW",
            "confidentialityImpact": "NONE",
            "integrityImpact": "LOW",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N",
            "version": "3.1"
          },
          "cvssV4_0": {
            "attackComplexity": "LOW",
            "attackRequirements": "PRESENT",
            "attackVector": "LOCAL",
            "baseScore": 1.8,
            "baseSeverity": "LOW",
            "privilegesRequired": "HIGH",
            "subAvailabilityImpact": "NONE",
            "subConfidentialityImpact": "NONE",
            "subIntegrityImpact": "LOW",
            "userInteraction": "NONE",
            "vectorString": "CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:N/VC:N/VI:N/VA:N/SC:N/SI:L/SA:N",
            "version": "4.0",
            "vulnAvailabilityImpact": "NONE",
            "vulnConfidentialityImpact": "NONE",
            "vulnIntegrityImpact": "NONE"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Escalation of Privilege",
              "lang": "en"
            },
            {
              "cweId": "CWE-662",
              "description": "Improper Synchronization",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-08-12T16:58:39.412Z",
        "orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
        "shortName": "intel"
      },
      "references": [
        {
          "name": "https://intel.com/content/www/us/en/security-center/advisory/intel-sa-01312.html",
          "url": "https://intel.com/content/www/us/en/security-center/advisory/intel-sa-01312.html"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
    "assignerShortName": "intel",
    "cveId": "CVE-2025-22853",
    "datePublished": "2025-08-12T16:58:39.412Z",
    "dateReserved": "2025-01-08T04:00:28.759Z",
    "dateUpdated": "2026-02-26T17:49:32.449Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2025-22889 (GCVE-0-2025-22889)

Vulnerability from cvelistv5 – Published: 2025-08-12 16:58 – Updated: 2026-02-26 17:49

Summary

Improper handling of overlap between protected memory ranges for some Intel(R) Xeon(R) 6 processor with Intel(R) TDX may allow a privileged user to potentially enable escalation of privilege via local access.

Severity

7.9 (High)


                        
                          CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:N

CWE

Escalation of Privilege
CWE-1260 - Improper Handling of Overlap Between Protected Memory Ranges

Assigner

intel

References

1 reference

URL	Tags
https://intel.com/content/www/us/en/security-cent…

Impacted products

1 product

Vendor	Product	Version
n/a	Intel(R) Xeon(R) 6 processor with Intel(R) TDX	Affected: See references

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-22889",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-08-14T03:55:12.117060Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-02-26T17:49:31.809Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2025-11-03T17:32:13.009Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "url": "https://lists.debian.org/debian-lts-announce/2025/10/msg00027.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Intel(R) Xeon(R) 6 processor with Intel(R) TDX",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "See references"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Improper handling of overlap between protected memory ranges for some Intel(R) Xeon(R) 6 processor with Intel(R) TDX may allow a privileged user to potentially enable escalation of privilege via local access."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "NONE",
            "baseScore": 7.9,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "HIGH",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:N",
            "version": "3.1"
          },
          "cvssV4_0": {
            "attackComplexity": "LOW",
            "attackRequirements": "PRESENT",
            "attackVector": "LOCAL",
            "baseScore": 7,
            "baseSeverity": "HIGH",
            "privilegesRequired": "HIGH",
            "subAvailabilityImpact": "NONE",
            "subConfidentialityImpact": "NONE",
            "subIntegrityImpact": "NONE",
            "userInteraction": "NONE",
            "vectorString": "CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N",
            "version": "4.0",
            "vulnAvailabilityImpact": "NONE",
            "vulnConfidentialityImpact": "HIGH",
            "vulnIntegrityImpact": "HIGH"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Escalation of Privilege",
              "lang": "en"
            },
            {
              "cweId": "CWE-1260",
              "description": "Improper Handling of Overlap Between Protected Memory Ranges",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-08-12T16:58:40.909Z",
        "orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
        "shortName": "intel"
      },
      "references": [
        {
          "name": "https://intel.com/content/www/us/en/security-center/advisory/intel-sa-01311.html",
          "url": "https://intel.com/content/www/us/en/security-center/advisory/intel-sa-01311.html"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
    "assignerShortName": "intel",
    "cveId": "CVE-2025-22889",
    "datePublished": "2025-08-12T16:58:40.909Z",
    "dateReserved": "2025-01-16T04:00:23.796Z",
    "dateUpdated": "2026-02-26T17:49:31.809Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

Sightings

Author	Source	Type	Date	Other

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

WID-SEC-W-2025-1785

CVE-2025-20044 (GCVE-0-2025-20044)

CVE-2025-20053 (GCVE-0-2025-20053)

CVE-2025-20109 (GCVE-0-2025-20109)

CVE-2025-20613 (GCVE-0-2025-20613)

CVE-2025-21090 (GCVE-0-2025-21090)

CVE-2025-21096 (GCVE-0-2025-21096)

CVE-2025-22839 (GCVE-0-2025-22839)

CVE-2025-22840 (GCVE-0-2025-22840)

CVE-2025-22853 (GCVE-0-2025-22853)

CVE-2025-22889 (GCVE-0-2025-22889)

Tags

Sightings

Nomenclature